Module org.elasticsearch.security
Class SamlSpMetadataBuilder
java.lang.Object
org.elasticsearch.xpack.security.authc.saml.SamlSpMetadataBuilder
Constructs SAML Metadata to describe a Service Provider.
This metadata is used to configure Identity Providers that will interact with the Service Provider.
Nested Class Summary
Nested Classes
Modifier and Type / Class / Description
    static class
    static class
Constructor Summary
Constructors
Method Summary
Modifier and Type / Method / Description
assertionConsumerServiceUrl(String acsUrl)
    The (POST) URL to be used to accept SAML assertions (authentication results)
authnRequestsSigned(Boolean authnRequestsSigned)
    Whether this Service Provider signs AuthnRequest messages.
org.opensaml.saml.saml2.metadata.EntityDescriptor build()
    Constructs an EntityDescriptor that contains a single SPSSODescriptor.
encryptionCertificates(Collection<X509Certificate> encryptionCertificates)
    The certificate that should be used to send encrypted data to the service provider.
encryptionCredentials(Collection<org.opensaml.security.x509.X509Credential> credentials)
    The certificate credential that should be used to send encrypted data to the service provider.
nameIdFormat(String nameIdFormat)
    The format that the service provider expects for incoming NameID element.
organization(String orgName, String displayName, String url)
    The organisation that operates the service provider
organization(SamlSpMetadataBuilder.OrganizationInfo organization)
    The organisation that operates the service provider
serviceName(String serviceName)
    The name of the service, for use in an AttributeConsumingService
signingCertificate(X509Certificate signingCertificate)
    The certificate that the service provider uses to sign SAML requests.
signingCredential(org.opensaml.security.x509.X509Credential credential)
    The certificate credential that should be used to send encrypted data to the service provider.
singleLogoutServiceUrl(String slsUrl)
    The (GET/Redirect) URL to be used to handle SAML logout / session termination
withAttribute(String friendlyName, String name)
    Request a named attribute be provided as part of assertions.
withContact(String type, String givenName, String surName, String email)
    A contact within the organisation that operates the service provider
withContact
    A contact within the organisation that operates the service provider
Constructor Details
SamlSpMetadataBuilder
    Parameters:
    locale - The locale to use for elements that require xml:lang attributes
    entityId - The URI for the Service Provider entity
Method Details
nameIdFormat
    The format that the service provider expects for incoming NameID element.
serviceName
    The name of the service, for use in an AttributeConsumingService
withAttribute
    Request a named attribute be provided as part of assertions. Specified in an AttributeConsumingService
assertionConsumerServiceUrl
    The (POST) URL to be used to accept SAML assertions (authentication results)
singleLogoutServiceUrl
    The (GET/Redirect) URL to be used to handle SAML logout / session termination
authnRequestsSigned
    Whether this Service Provider signs AuthnRequest messages.
signingCertificate
    The certificate that the service provider uses to sign SAML requests.
signingCredential
    public SamlSpMetadataBuilder signingCredential(org.opensaml.security.x509.X509Credential credential)
    The certificate credential that should be used to send encrypted data to the service provider.
encryptionCertificates
    public SamlSpMetadataBuilder encryptionCertificates(Collection<X509Certificate> encryptionCertificates)
    The certificate that should be used to send encrypted data to the service provider.
encryptionCredentials
    public SamlSpMetadataBuilder encryptionCredentials(Collection<org.opensaml.security.x509.X509Credential> credentials)
    The certificate credential that should be used to send encrypted data to the service provider.
organization
    The organisation that operates the service provider
organization
    The organisation that operates the service provider
withContact
    A contact within the organisation that operates the service provider
withContact
    public SamlSpMetadataBuilder withContact(String type, String givenName, String surName, String email)
    A contact within the organisation that operates the service provider
    Parameters:
    type - Must be one of the standard types on ContactPersonTypeEnumeration
build
    Constructs an EntityDescriptor that contains a single SPSSODescriptor.
    Throws:
    Exception